blihanstealer | af9c3b438c10279e5c7f9e2e817b5e966622f52e2d96cd0bd572bc5ef716a91d | Triage

Sharing

General

Target

1964-10-0x0000000000400000-0x000000000040E000-memory.dmp
Size

56KB
Sample

250324-jtpzhstvh1
MD5

6de33d4341efe0ae7b48cc8dd94af9b4
SHA1

981c5b7691ff9e2a17876bee48b745ded3f02720
SHA256

af9c3b438c10279e5c7f9e2e817b5e966622f52e2d96cd0bd572bc5ef716a91d
SHA512

f6a8c7e7d6f329c9d54d8b6862277f0c5b791614c28b94c81cd0ca89c52946daba5a6e7c8c9ffa71635e55b2aee7ad36142e114ca715ad29cefd879a0e69385b
SSDEEP

384:nx2KzC6+1ihcz/A78FBPgyX6bpYQkm7HZp9zO0gWRqpd+/rhBbx0A0kHKkYp:q6wTz/A780vbpqiHZplRRqpd6rnxnok

Score

10^/10

blihanstealer discovery

Malware Config

Extracted

Family

blihanstealer

Mutex

pomdfghrt

Attributes

user_agent
Mozilla/4.0 (compatible; MSIE 7.0; Windows NT 5.1; Trident/4.0; CIBA; .NET CLR 2.0.50727; .NET CLR 3.0.04506.648; .NET CLR 3.5.21022)

Targets

- Target
  
  1964-10-0x0000000000400000-0x000000000040E000-memory.dmp
- Size
  
  56KB
- MD5
  
  6de33d4341efe0ae7b48cc8dd94af9b4
- SHA1
  
  981c5b7691ff9e2a17876bee48b745ded3f02720
- SHA256
  
  af9c3b438c10279e5c7f9e2e817b5e966622f52e2d96cd0bd572bc5ef716a91d
- SHA512
  
  f6a8c7e7d6f329c9d54d8b6862277f0c5b791614c28b94c81cd0ca89c52946daba5a6e7c8c9ffa71635e55b2aee7ad36142e114ca715ad29cefd879a0e69385b
- SSDEEP
  
  384:nx2KzC6+1ihcz/A78FBPgyX6bpYQkm7HZp9zO0gWRqpd+/rhBbx0A0kHKkYp:q6wTz/A780vbpqiHZplRRqpd6rnxnok
Score

3^/10

discovery
behavioral1 behavioral2

MITRE ATT&CK Enterprise v15

Reconnaissance

Resource Development

Initial Access

Execution

Persistence

Privilege Escalation

Defense Evasion

Credential Access

Discovery

System Location Discovery

System Language Discovery

Lateral Movement

Collection

Command and Control

Exfiltration

Impact

Tasks

static1

behavioral1

behavioral2